{{- $binaries := "/sbin/xtables-nft-multi /sbin/ip6tables-nft /sbin/ip6tables-nft-restore /sbin/ip6tables-nft-save /sbin/iptables-nft /sbin/iptables-nft-restore /sbin/iptables-nft-save /sbin/xtables-legacy-multi /sbin/iptables /sbin/iptables-restore /sbin/iptables-save /sbin/iptables-legacy /sbin/iptables-legacy-restore /sbin/iptables-legacy-save /sbin/ip6tables /sbin/ip6tables-restore /sbin/ip6tables-save /sbin/ip6tables-legacy /sbin/ip6tables-legacy-restore /sbin/ip6tables-legacy-save /usr/lib64/libnetfilter_conntrack.so*" }}
---
artifact: {{ $.ModuleName }}/{{ $.ImageName }}-binaries-artifact
from: {{ $.Images.BASE_ALT_DEV }}
shell:
  install:
    - /binary_replace.sh -i "{{ $binaries }}" -o /relocate
    - |
      for cmd in iptables iptables-save iptables-restore ip6tables ip6tables-save ip6tables-restore ip6tables-nft ip6tables-nft-restore ip6tables-nft-save iptables-nft iptables-nft-restore iptables-nft-save; do
        ln -f -s /iptables-wrapper "/relocate/sbin/${cmd}"
      done
      # broken symlinks are not imported from the artifact
      touch /iptables-wrapper
---
artifact: {{ .ModuleName }}/entrypoint-artifact
from: {{ $.Images.BASE_GOLANG_21_ALPINE_DEV }}
git:
- add: /{{ .ModulePath }}modules/035-cni-flannel/images/flanneld/entrypoint
  to: /src
  stageDependencies:
    install:
      - '**/*'
shell:
  install:
    - export GOPROXY={{ $.GOPROXY }}
    - cd /src
    - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-s -w" -o /entrypoint main.go
---
artifact: {{ .ModuleName }}/flanneld-artifact
from: {{ .Images.BASE_GOLANG_20_ALPINE_DEV }}
shell:
  install:
    - mkdir -p /src
    - cd /src
    - git clone --depth 1 --branch v0.23.0 {{ $.SOURCE_REPO }}/flannel-io/flannel.git .
    - export GO_VERSION=${GOLANG_VERSION}
    - export GOPROXY={{ $.GOPROXY }}
    - make dist/flanneld
---
image: {{ .ModuleName }}/{{ .ImageName }}
fromImage: common/distroless
import:
- artifact: {{ .ModuleName }}/flanneld-artifact
  add: /src/dist/flanneld
  to: /opt/bin/flanneld
  before: setup
- artifact: {{ $.ModuleName }}/{{ $.ImageName }}-binaries-artifact
  add: /relocate
  to: /
  before: setup
- artifact: {{ $.ModuleName }}/{{ $.ImageName }}-binaries-artifact
  add: /
  to: /
  includePaths:
  - lib64/iptables
  - lib64/libm*
  before: setup
- artifact: {{ .ModuleName }}/entrypoint-artifact
  add: /entrypoint
  to: /entrypoint
  before: setup
- image: common/iptables-wrapper
  add: /iptables-wrapper
  to: /iptables-wrapper
  before: setup
docker:
  ENTRYPOINT: ["/entrypoint"]
